DETAILED ACTION 

1. This office action is a response to the U.S. application Serial No. 11/721562 filed on 11/25/03. 
Claims 1-23 are presented for examination. 

INFORMATION DISCLOSURE STATEMENT 

2. The Applicant's submission of the IDS filed 03/31/04 has been considered. As required by 
M.P.E.P. 609 C(2), a copy of the PTOL-1449 is attached to the instant office action. 



Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful 
improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. 



3. Claims 20-22 are rejected under 35 USC-101. 

Claims 20-22 recite "computer-readable medium". However, in view of applicants' disclosure, 
specification page 5, [0021], the medium is not limited to tangible embodiments, instead being 
defined as including both tangible embodiments (e.g., CD-ROM, EEPROM) and intangible 
embodiments (e.g., communication media), which are not statutory. 



Claim Rejections - 35 USC §102 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis 
for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 



(e) the invention was described in a patent granted on an application for patent by another filed in the United States before the 
invention thereof by the applicant for patent, or on an international application by another who has fulfilled the requirements of 
paragraphs (1), (2), and (4) of section 371(c) of this title before the invention thereof by the applicant for patent. 

4. Claims 1-4, 7-8 are rejected under 35 U.S.C. 102(e) as being anticipated by Carter et al. US 
2004/0091114. 

Carter teaches: 

Per claim 1, a system for providing a computing environment, the environment including a 
virtual memory [page 3/[0032]], the system comprising: a virtual memory manager [a paging 
system 1320, which is part of a virtual memory system, page 15/[0203-0204]] that provides the 
virtual memory by moving or copying data between a volatile memory and a paging file [The 
theoretical virtual page parameter x shall separate how each EOS kernel shall select its page size 
to load and unload data from the secondary physical storage medium ("the hard disk"). The 
parameter "x" shall denote the size of each page partition, where each partition shall be based 
upon the size of the physical limitations of the computer platform's random access memory 
(RAM, DRAM, etc.), page 15/[0207]; Virtual Page, page 15/[0210]] stored in a hard disk, the 
system protecting the contents of the virtual memory by encrypting the data stored in the paging 
file [The EOS (Encrypting operating system) is configured to use a symmetric encryption 
algorithm and an encryption key to encrypt data transferred from physical memory to secondary 
devices, such as disks, swap device, network file systems, network buffers, pseudo file systems, 
or any other structures external to the physical memory and on which can data can be stored; 
abstract; page 4/[0054]; fig. 15, page 15/[0208]; page 15 [0203-0204]; Encrypted File System, 
page 7/[0105]]. 

Per claim 2, the virtual memory manager communicates the data to a file system, wherein the 
file system causes the data to be encrypted prior to storing the data in the paging file [encrypting 
and decrypting data transferred between a computer's physical memory and a secondary device, 
page 2/[0014]; page 2/[0019]; page 11/[0163-0164]]. 

Per claim 3, the file system marks the paging file for encryption, and wherein the paging file, 
upon receiving a request to store the data in the paging file, determines that the paging file has 
been marked for encryption and communicates with an encryption component [EOS, page 
4/0558, 0069] to encrypt the data [the EOS provides the following additional functions: (1) it 
creates secured files by encrypting data; (2) it prevents the mass removal of files; (3) it provides 
authenticated authorized access to secured files, for opening, reading, and writing; (4) it provides 
authenticated authorization for seeking within a file; (5) it ensures that when files are closed, and 
thus written back to disk, the files are encrypted; (6) it encrypts secured directories, thus securing 
them; (7) it prevents the unauthorized listing of directories; and (8) it controls access to the 
encrypted file names (i.e., the contents of the directories), thus preventing the unauthenticated 
and unauthorized removal of the encrypted files, page 6/[0097]]. 

Per claim 4, a key generator [724, fig. 7] that generates a session key, the session key being used 
to encrypt the data, and the session key being further needed for subsequent decryption of the 
encrypted data [page 6/[0097]; page 9/[0122]; page 10/[0129]]. 

Per claim 7, encryption of the data is performed according to one or more of the following 
algorithms: Data Encryption Standard (DES); Triple-DES (3DES); or Advanced Encryption 
Standard (AES) [page 1/[0006-0007]]. 

Per claim 8, the system further protects the contents of the virtual memory by ensuring that all 
user mode applications and data that are stored in the virtual memory are encrypted when being 
stored in the paging file [abstract; page 2/[0019]]. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 
rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if 
the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would 
have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claims 5, 9-10, 12, 14-15, 18, 20, 23 are rejected under 35 U.S.C 103(a) as being 
unpatentable over Carter, and in view of Challener et al. US 2003/0188179. 

Per claim 5: Carter does not teach the session key is non-persistently stored in a manner that 
causes the session key to become unavailable in the event that a boot occurs after generation of 
the session key. 

Challener teaches the session key is non-persistently stored in a manner that causes the 
session key to become unavailable in the event that a boot occurs after generation of the session 
key [page 6/claim 4]. 

It would have been obvious to one having ordinary skill in the art at the time the invention 
was made to combine Challener to Carter so that the encryption key is not directly accessible to 
the application, thus guaranteeing the OS or other programs running on the system are not 
provided with access to and cannot "grab" the crypto keys and also cannot save data in memory 
locations to which they do not have authorization [page 5/[0054]]. 

Per claims 9, 14, 20, 23: Carter teaches the claimed limitations as mentioned in claim 1 and 
further teaches: said file system causing said contents to be encrypted with a key prior to storing 
said contents in said paging file [see claims 1-4 above], said key being required to decrypt 
information contained in said paging file [page 4/[0054]]. 

Carter does not teach: said key being stored in a manner such that a reboot of a machine on 
which said key is stored causes said key to be lost. 

Challener teaches the encryption key being stored in a manner such that a reboot of a 
machine on which said key is stored causes said key to be lost [see claim 5 above]. 

It would have been obvious to one having ordinary skill in the art at the time the invention 
was made to combine Challener to Carter for the same reason provided above. 

Per claim 10, generating said key upon a boot of said machine [bootstrap code, page 17/[0218]]. 

Per claim 12, the file system causes said contents to be encryption by communicating with an 
encryption component, the encryption component encrypting files that have been marked by the 
file system for encryption [page 4/0058, 0068]]. 

Per claim 15, the encryption component reserves a block of memory upon startup [page 
11/[0164]]. 

Per claim 18, said key is generated before said virtual memory manager directs the storage of 
data into the paging file [data transmitted to the sockfs file system, and thus over a socket 
connection, is encrypted before it is transmitted from the physical memory of a computer system 
over the socket connection, page 14/[0202]]. 

Claims 6, 19, 22 are rejected under 35 U.S.C 103(a) as being unpatentable over Carter, in view 
of Challener et al., and further in view of Masui et al US 2004/0190714. 

Per claims 6, 19, 22: Carter and Challener do not teach protects the contents of the virtual 
memory by ensuring that there is no persistent storage of the session key. 
Masui teaches the encryption key is stored in a volatile memory [page 1[0014]]. 

It would have been obvious to one having ordinary skill in the art at the time the invention 
was made to combine Masui to Carter-Challener for the reason provided above. 

Claims 11, 13, 16-17, 21 are rejected under 35 U.S.C 103(a) as being unpatentable over Carter- 
Challener. 

Per claims 11, 13: Carter-Challener does not teach prior to generation of said key, reserving a 
block of said volatile memory for use as a workspace, whereby use of the workspace avoids the 
need to copy volatile memory contents to disk prior to generation of the session key. Reserving a 
block of said volatile memory in which data may be passed back and forth between the file 
system and the encryption component. 

However, it would have been obvious to one having ordinary skill in the art at the time the 
invention was made because reserving a block of said volatile memory in which data may be 
passed back and forth between the file system and the encryption component for use as a 
workspace prior to generation of said key in an encrypted manner in order to render cracking the 
encryption key more difficult. Since the encryption key is stored in a particular block of the 
volatile memory (instead of scattering over different blocks), this makes the encryption key 
easy to control and protect. 

Per claims 16-17, 21: Carter-Challener does not teach: 

a) the block of memory is used as a buffer to pass information between the file system and the 
encryption component, and as a workspace for the encryption component prior to generation of 
said key; 

b) whereby sufficient space for storage of said encryption component's operating data exists in 
said volatile memory prior to generation of said key. 

However, it would have been obvious to one having ordinary skill in the art at the time the 
invention was made because: a) buffer is a well-known feature in the art that can queue 
incoming or outgoing data while the destination is busy executing previous data/instruction. In 
doing so, data being transferred is not lost since the buffer can temporarily store the data until the 
destination is free; b) as stated in claim 5 above storing encryption key in volatile memory will 
prevent encryption key from being "grab". 

Conclusion 

Any response to this action should be mailed to: 

Under Secretary of Commerce for Intellectual Property and Director of the 
United States Patent and Trademark Office 
PO Box 1450 

Alexandria, VA 22313-1450 
or faxed to: 

(571) 273-8300, (for Official communications intended for entry) 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status information 
for unpublished applications is available through Private PAIR only. For more information 
about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access 
to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 
(toll-free). 

Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Ngoc Dinh whose telephone number is (571) 272-4191. The examiner 
can normally be reached on Monday-Friday 8:30 AM-5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Reginald Bragdon, can be reached on (571) 272-4204. 